Let's encrypt stopped working

Neograph734

Verified User
Joined
Sep 17, 2014
Messages
18
Yesterday an automated renewal of a letsencrypt certificate failed with this message:

Code:
Getting challenge for domain.nl from acme-server...
/usr/local/directadmin/scripts/letsencrypt.sh: line 319: /var/www/html/.well-known/acme-challenge/: Is a directory
/usr/local/directadmin/scripts/letsencrypt.sh: line 322: [: -ne: unary operator expected
Waiting for domain verification...
rm: cannot remove `/var/www/html/.well-known/acme-challenge/': Is a directory
Challenge is . Details: . Exiting...
In fact every other request I make now seems to fail as well with a similar message. Did letsencrypt update their API and has the DA script become incompatible? Or is this a letsencrypt issue? The services seem to be working: https://letsencrypt.status.io
 

Neograph734

Verified User
Joined
Sep 17, 2014
Messages
18
Thanks, I will check those out. Any idea when a new stable release will be available? (I have had some bad experiences with beta software)
 

Kiekeboe100

Verified User
Joined
Apr 19, 2008
Messages
143
Location
Belgium
Is it only the script that has changed to fix this, or are the new binaries really needed?

If it's only the script, anybody who would like to upload it so we can replace it manually without the need to go to pre-release binaries on a production system?
 

1024kb

Verified User
Joined
Jun 25, 2014
Messages
44
I'm curious to know when a new stable release including this fix will be available as well?

Also what exactly is causing the problem?
 

Kiekeboe100

Verified User
Joined
Apr 19, 2008
Messages
143
Location
Belgium
I'm curious to know when a new stable release including this fix will be available as well?

Also what exactly is causing the problem?
Hi,

If you download the pre release tar.gz and extract it, you can copy the letsencrypt.sh file from the scripts folder over to the directadmin scripts folder.
It will get replaced on the next upgraded since it's not in the custom directory, but that won't be a problem since the fix will be in there anyways.

This worked for me, I was able to create a new let's encrypt certificate for a website.
I'm now only wondering if the failed renewal will be tried again tomorrow.

regards,
Stijn
 

1024kb

Verified User
Joined
Jun 25, 2014
Messages
44
Hi,

If you download the pre release tar.gz and extract it, you can copy the letsencrypt.sh file from the scripts folder over to the directadmin scripts folder.
It will get replaced on the next upgraded since it's not in the custom directory, but that won't be a problem since the fix will be in there anyways.

This worked for me, I was able to create a new let's encrypt certificate for a website.
I'm now only wondering if the failed renewal will be tried again tomorrow.

regards,
Stijn
I grabbed the update.tar.gz via this process (I hope that's the right file?). I took the letsencrypt.sh script from there and put it in my /usr/local/directadmin/scripts, restarted DirectAdmin, but it's still failing with the same error.

Edit: Disregard the above. I went to the Client Area and grabbed the pre-release binaries and used the script out of that and it's working now. Thanks!
 
Last edited:

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
Weird. I replaced almost all my certs by hand through the panel last friday, because it turned out the automatic renewal hadn't worked right, despite of mailing me it did.
I wanted to renew a cert from another site today and now I get the same error as in the opening post, didn't recall on updating Custombuild yesterday, but whatever.

I purchased my license through a reselling hoster in the Netherlands which means I can't login to the client area of DirectAdmin. Is there any way this can be fixed another way around, smtalk? It's became a nasty problem right now. Had to get the old cert from a backup, but will expire in a few days.

Maybe someone can post the new letsencrypt.sh here? Or would that be illegal?
 

Neograph734

Verified User
Joined
Sep 17, 2014
Messages
18
I purchased my license through a reselling hoster in the Netherlands which means I can't login to the client area of DirectAdmin. Is there any way this can be fixed another way around, smtalk?
Yup it appears the same applies to me. No way for me to get the script and most domains are near expiry... If the letsencrypt script cannot be posted here, could we perhaps get it via Personal Message or something?
 

BBM

Verified User
Joined
Jun 8, 2013
Messages
340
Location
Dutch Mountains
All this manual 'pre-release'-stuff is nice, but I'm kinda wondering why DA doesn't simply push out the update, since there's obviously something important needing to be fixed which causes plenty of issues for some?
 

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
All this manual 'pre-release'-stuff is nice, but I'm kinda wondering why DA doesn't simply push out the update, since there's obviously something important needing to be fixed which causes plenty of issues for some?
This. Puzzles me completely.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,788
Location
LT, EU
Let's encrypt support was marked as BETA in DirectAdmin 1.50: https://www.directadmin.com/features.php?id=1828. That's the reason why a new version of DA hasn't been released just to fix the let's encrypt issue.

To fix the script for DA 1.50 it's enough to change the following line:
Code:
CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*\"type\":\"http-01\"[^}]*'`"
To:
Code:
CHALLENGE="`echo "${RESPONSE}" | awk '/\"type\": \"http-01\"/,/}/'`"
 

ZipperZapper

Verified User
Joined
Nov 30, 2015
Messages
111
Let's encrypt support was marked as BETA in DirectAdmin 1.50: https://www.directadmin.com/features.php?id=1828. That's the reason why a new version of DA hasn't been released just to fix the let's encrypt issue.

To fix the script for DA 1.50 it's enough to change the following line:
Code:
CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*\"type\":\"http-01\"[^}]*'`"
To:
Code:
CHALLENGE="`echo "${RESPONSE}" | awk '/\"type\": \"http-01\"/,/}/'`"
Thanks for explaining and helping here! This fixed the issue for me.
 

saosangmo

Verified User
Joined
Oct 3, 2012
Messages
120
Location
Hanoi
hi smtalk,
Could you tell me where to modify these lines.
many thanks

Let's encrypt support was marked as BETA in DirectAdmin 1.50: https://www.directadmin.com/features.php?id=1828. That's the reason why a new version of DA hasn't been released just to fix the let's encrypt issue.

To fix the script for DA 1.50 it's enough to change the following line:
Code:
CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*\"type\":\"http-01\"[^}]*'`"
To:
Code:
CHALLENGE="`echo "${RESPONSE}" | awk '/\"type\": \"http-01\"/,/}/'`"
 

ger

New member
Joined
May 23, 2016
Messages
1
Worked

Great, it worked for me with replacing to:

HTML:
CHALLENGE="`echo "${RESPONSE}" | awk '/\"type\": \"http-01\"/,/}/'`"
 

hedacom

New member
Joined
Feb 23, 2016
Messages
3
Let's encrypt support was marked as BETA in DirectAdmin 1.50: https://www.directadmin.com/features.php?id=1828. That's the reason why a new version of DA hasn't been released just to fix the let's encrypt issue.

To fix the script for DA 1.50 it's enough to change the following line:
Code:
CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*\"type\":\"http-01\"[^}]*'`"
To:
Code:
CHALLENGE="`echo "${RESPONSE}" | awk '/\"type\": \"http-01\"/,/}/'`"
Thank you! Works great.
 

EWM

New member
Joined
May 29, 2016
Messages
1
Let's encrypt support was marked as BETA in DirectAdmin 1.50: https://www.directadmin.com/features.php?id=1828. That's the reason why a new version of DA hasn't been released just to fix the let's encrypt issue.

To fix the script for DA 1.50 it's enough to change the following line:
Code:
CHALLENGE="`echo "${RESPONSE}" | egrep -o '{[^{]*\"type\":\"http-01\"[^}]*'`"
To:
Code:
CHALLENGE="`echo "${RESPONSE}" | awk '/\"type\": \"http-01\"/,/}/'`"
Thank you! I can confirm this works great!
 
Top